SDK Integration | Django - Active mode

Getting Started

To get started with Real-Time protection integration, you should have completed the integration in the Monitor mode and received the initial traffic report from the ShieldSquare Service.


Real-Time Protection

Integration of Real-Time protection prevents bots in real time. In this mode every API call is replied to with an appropriate response code that indicates the action to be taken on the incoming request.


Follow these steps for integration of Real-Time Protection.

  • Move to Active mode
  • Set your configuration file
  • Configure the Rules
  • Modify your code while moving from Monitor mode to Real-Time protection
  • Verify the integration
  • Move the changes to your Production Environment
  • Block Page as an add on to ShieldSquare services

Move to Active Mode

In order to monitor your site’s traffic and control it in real time, you need to first switch to Active mode from Monitor mode. Follow the instructions below:

  1. Login to your dashboard
  2. Click on the Bot Response List link
  3. Switch the toggle button present on the right side of the screen from Monitor to Active
  4. Change the value of the mode property in the config file to "Active" instead of "Monitor"

Set your Configuration file

The configuration file which was set during Monitor mode integration will now need a few changes. These changes attribute to switching from Monitor to Active mode.

The final should look like (values may differ):

Following are the parameters which would need changes.
sidAssuming you have already integrated in Monitor mode, please use the Sandbox ID to verify the Active mode changes, and change to your Production ID once this is verified and moved to production.You can use the Sandbox ID to verify the Active mode changes first and then make use of the Production ID once the verification is done.AlphanumericYes
modeSet the mode of operation depending on the mode of activation: mode = ‘Active’; //For Active ModeStringYes

Configuring the Rules

This section helps you configure rules to manage your traffic. To do so, navigate to the Bot Response List under Configuration in the dashboard. The rules can be configured to return response codes as explained below:

-1ExceptionIndicates that the request has not reached ShieldSquare due to some issues. Such requests should be allowed access.
0AllowIndicates that the request is either coming from a genuine user or a good crawler like Google/ Bing, and the request should be allowed.
2Show CAPTCHAIndicates that the requests are coming from bad bots and a CAPTCHA page needs to be displayed.
3BlockIndicates that requests are coming from bad bots and should be blocked.
4Feed Fake Data (FFD)Indicates that requests are coming from bad bots and you can feed fake data.

Modify your code while moving from Monitor Mode to Real-Time protection

The next step is to make a few modifications in the code that makes the API call to ShieldSquare Service. This step assumes that you have already integrated API Call in Monitor mode.

The API call shieldsquare_ValidateRequest(username, calltype) will take the following parameters as inputs:

UserName: Set the User ID of logged-in visitors to shieldsquare_username

CallType: The value of shieldsquare_calltype determines the type of the call and can have the below values.

1If the current request is for a page load, pass the call type parameter to the service as 1
2If the current request is a Form Submit, pass the call type parameter to the service as 2
4If the current page is a CAPTCHA page or Block page, pass the call type parameter to the service as 4
5If the CAPTCHA is solved successfully, pass the call type parameter to the service as 5
6If the current request is from a mobile app, pass the call type parameter to the service as 6
7If the current request is from feature phones, pass the call type parameter to the service as 7

Page ID

Keep this parameter as an empty string for all call types.

The response from the API will be a JSON response. The response code can be retrieved as the value of the “responsecode” field of the JSON response and is of the type integer. These will have values which you would have configured in the previous step.

Verify Integration

Visit the verify integration page in the ShieldSquare Admin Portal. Green check marks for "API Data - IP Details" & "API Data - Session Details" will indicate the successful integration of ShieldSquare with your website. A minimum of 5 requests have to be made from the same machine using the same browser for the check marks to appear as an indication to the status of integration. In the event of a Red check mark, it indicates that a particular step might have been executed incorrectly.


ShieldSquare Customer Onboarding team will verify and validate the configurations typically within 24 hours. This will ensure that the production site’s performance is not affected due to a wrong configuration set during the integration process.

Move Changes to Production

In order to move changes to production replace sid parameter (in the ss2_config file) with the Production ID. It takes about 2-3 hours for the production data to reflect in the ShieldSquare Dashboard. Refer to the screenshot below: